Cisco Cisco Web Security Appliance S170 Guia Do Utilizador
5-10
Cisco IronPort AsyncOS 7.7.5 for Web User Guide
Chapter 5 Web Proxy Services
Working with FTP Connections
Authentication Format
Choose the authentication format the FTP Proxy uses when communicating
with FTP clients. For more information, see
with FTP clients. For more information, see
.
Passive Mode Data Port
Range
Range
Specify a range of TCP ports FTP clients should use to establish a data
connection with the FTP Proxy for passive mode connections.
connection with the FTP Proxy for passive mode connections.
Default is 11000-11009.
Active Mode Data Port
Range
Range
Specify a range of TCP ports FTP servers should use to establish a data
connection with the FTP Proxy for active mode connections. This setting
applies to both native FTP and FTP over HTTP connections.
connection with the FTP Proxy for active mode connections. This setting
applies to both native FTP and FTP over HTTP connections.
Default is 12000-12099.
You might want to increase the port range in this field to accommodate more
requests from the same FTP server. Because of the TCP session
TIME-WAIT delay (usually a few minutes), a port does not become
available again for the same FTP server immediately after being used. As a
result, any given FTP server cannot connect to the FTP Proxy in active
mode more than n times in a short period of time, where n is the number of
ports specified in this field.
requests from the same FTP server. Because of the TCP session
TIME-WAIT delay (usually a few minutes), a port does not become
available again for the same FTP server immediately after being used. As a
result, any given FTP server cannot connect to the FTP Proxy in active
mode more than n times in a short period of time, where n is the number of
ports specified in this field.
Welcome Banner
Choose which welcome message should appear in FTP clients:
•
FTP server message. The FTP server message only displays for
transparently redirected connections. When a native FTP connection is
explicitly sent to the FTP Proxy, the FTP client displays a message
predefined by the FTP Proxy.
transparently redirected connections. When a native FTP connection is
explicitly sent to the FTP Proxy, the FTP client displays a message
predefined by the FTP Proxy.
•
Custom message. Enter a message to display for all native FTP
connections.
connections.
Control Connection
Timeouts
Timeouts
Enter how long the FTP Proxy waits for more communication in the control
connection from an idle FTP client or FTP server when the current
transaction has not been completed.
connection from an idle FTP client or FTP server when the current
transaction has not been completed.
For example, if an FTP client opens a control connection and sends some
requests, the FTP Proxy waits for the amount of time specified for the client
side control connection timeout for the next request before closing the open
connection.
requests, the FTP Proxy waits for the amount of time specified for the client
side control connection timeout for the next request before closing the open
connection.
•
Client side. The maximum number of seconds the FTP Proxy keeps a
control connection open with an idle client.
control connection open with an idle client.
•
Server side. The maximum number of seconds the FTP Proxy keeps a
control connection open with an idle FTP server.
control connection open with an idle FTP server.
Default is 300 seconds for both client and server side control connection
timeouts.
timeouts.
Property
Description